strict;
use Carp;
use WWW::Mechanize;
use PHP::Session;
use CGI::Lite;
use strict;
 
my $webaddress = 'http://192.168.133.137/simplsmdr/index.html';
my $user_id = 'user';
my $passwd = 'pass';
my $session_name = 'PHPSESSID';

my $mech = WWW::Mechanize->new(
    cookie_jar      => {},
    autocheck       => 0,
    onerror         => \&Carp::croak,
);

# Login Form
my $response = $mech->get($webaddress);
if (!$response->is_success) {
    die "Login page unreachable $webaddress: ",  $response->status_line, "\n";
}
 
# Login
$mech->form_name("login");
$mech->field('username', $user_id);
$mech->field('passwd', $passwd);
my $response = $mech->click();
if ($response->is_success) {
    print $mech-> content();
	} 
else {
    die "Login failed: ",  $response->status_line, "\n";
}
my $cgi = new CGI::Lite;
my $cookies = $cgi->parse_cookies;
if ($cookies->{$session_name}) {
   my $session = PHP::Session->new($cookies->{$session_name});
   # now, try to dump _s_pod variable from session
   print "uid:",Dumper($session->get('uid'));
} else {
   print "can't find session cookie $session_name";
}

##</code><code>##

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<title>Login</title>
		<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.7.1/css/all.css">
    <link href="lib/style.css" rel="stylesheet" type="text/css">
	</head>
	<body>
		<div class="login">
			<h1>Login</h1>
			<form action="authenticate.php" name="login" method="post">
				<label for="username">
					<i class="fas fa-user"></i>
				</label>
				<input type="text" name="username" placeholder="Username" id="username" required>
				<label for="password">
					<i class="fas fa-lock"></i>
				</label>
				<input type="password" name="password" placeholder="Password" id="password" required>
				<input type="submit" value="Login" name="login">
			</form>
		</div>
        <div class="login">
        <h2>If you don't have an account, please click to <A HREF="register.html">register</A></h2>
        </div>
	</body>
</html>

##</code><code>##

<?php
session_start();
require_once "lib/config.php";

// Now we check if the data from the login form was submitted, isset() will check if the data exists.
if ( !isset($_POST['username'], $_POST['password']) ) {
	// Could not get the data that should have been sent.
	die ('Please fill both the username and password field!');
}
// Prepare our SQL, preparing the SQL statement will prevent SQL injection.
if ($stmt = $con->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
	// Bind parameters (s = string, i = int, b = blob, etc), in our case the username is a string so we use "s"
	$stmt->bind_param('s', $_POST['username']);
	$stmt->execute();
	// Store the result so we can check if the account exists in the database.
	$stmt->store_result();
}
if ($stmt->num_rows > 0) {
	$stmt->bind_result($id, $password);
	$stmt->fetch();
	// Account exists, now we verify the password.
	// Note: remember to use password_hash in your registration file to store the hashed passwords.
	if (password_verify($_POST['password'], $password)) {
		// Verification success! User has loggedin!
		// Create sessions so we know the user is logged in, they basically act like cookies but remember the data on the server.
		session_regenerate_id();
		$_SESSION['loggedin'] = TRUE;
		$_SESSION['name'] = $_POST['username'];
		$_SESSION['id'] = $id;
		header('Location: index.php');
	} else {
		header('Location: index.html');
	}
} else {
	header('Location: index.html');
}
$stmt->close();

##</code><code>##

<!DOCTYPE html>
<html>
        <head>
                <meta charset="utf-8">
                <title>Login</title>
                <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.7.1/css/all.css">
    <link href="lib/style.css" rel="stylesheet" type="text/css">
        </head>
        <body>
                <div class="login">
                        <h1>Login</h1>
                        <form action="authenticate.php" name="login" method="post">
                                <label for="username">
                                        <i class="fas fa-user"></i>
                                </label>
                                <input type="text" name="username" placeholder="Username" id="username" required>
                                <label for="password">
                                        <i class="fas fa-lock"></i>
                                </label>
                                <input type="password" name="password" placeholder="Password" id="password" required>
                                <input type="submit" value="Login" name="login">
                        </form>
                </div>
        <div class="login">
        <h2>If you don't have an account, please click to <A HREF="register.html">register</A></h2>
        </div>
        </body>
</html>
can't find session cookie PHPSESSID